Skip to content

Commit

Permalink
src: CHECK() for argument overflow in Spawn()
Browse files Browse the repository at this point in the history
This commit adds checks for overflow to args and env in Spawn().
It seems extremely unlikely that either of these values would
overflow from a valid use case.

Fixes: #15622
PR-URL: #16761
Reviewed-By: Gireesh Punathil <[email protected]>
  • Loading branch information
cjihrig authored and MylesBorins committed Nov 17, 2017
1 parent 2f1f7e1 commit 8d31294
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions src/process_wrap.cc
Original file line number Diff line number Diff line change
Expand Up @@ -185,6 +185,8 @@ class ProcessWrap : public HandleWrap {
if (!argv_v.IsEmpty() && argv_v->IsArray()) {
Local<Array> js_argv = Local<Array>::Cast(argv_v);
int argc = js_argv->Length();
CHECK_GT(argc + 1, 0); // Check for overflow.

// Heap allocate to detect errors. +1 is for nullptr.
options.args = new char*[argc + 1];
for (int i = 0; i < argc; i++) {
Expand All @@ -211,6 +213,7 @@ class ProcessWrap : public HandleWrap {
if (!env_v.IsEmpty() && env_v->IsArray()) {
Local<Array> env_opt = Local<Array>::Cast(env_v);
int envc = env_opt->Length();
CHECK_GT(envc + 1, 0); // Check for overflow.
options.env = new char*[envc + 1]; // Heap allocated to detect errors.
for (int i = 0; i < envc; i++) {
node::Utf8Value pair(env->isolate(),
Expand Down

0 comments on commit 8d31294

Please sign in to comment.